<?php
session_start();
$con=mysql_connect('localhost','root','');
if (!$con) {
    die ("con error");
}
else
 {
    $member_id = $_SESSION['member_id'];
    $conf = $_GET['conference'];
    $template = $_POST['dOption'];

    if(isset($_POST['reviewers']) || isset($_POST['authors']))
    {
        if ($_POST['TextBox']!=null && isset($_POST['TextBox']))
        {
            if (isset($_POST['authors']) && $template == "N")
            {
                echo '<script type="text/javascript">',
                'alert("You can not send a message thanking the authors!"); window.location="viewmessages.php";', '</script>';
                $message = $_POST['TextBox'];
                $subject = $_POST['subject'];
                sendMessageToReviewers($message, $subject);
            }
            else
            {
                $subject = $_POST['subject'];
                $message = $_POST['TextBox'];
                sendMessageToAuthors($message,$subject);
                sendMessageToReviewers($message,$subject);
            }
        }
        else
        {
            echo '<script type="text/javascript">', 'alert("Error: body can not be empty!"); window.location="viewmessages.php";', '</script>';
        }
    }
    else
        {
            echo '<script type="text/javascript">', 'alert("Error: you did not choose any people!"); window.location="viewmessages.php";', '</script>';
        }
}

//send the message to all the authors selected
function sendMessageToAuthors($message, $subject)
{
    $member_id= $_SESSION['member_id'];
    $conf = $_GET['conference'];

    $con=mysql_connect('localhost','root','');

    //check if there were any authors selected and if the template is not thank you
    if (isset($_POST['authors']))
    {
        $x = $_POST['authors'];
        if (isset($x) && is_array($x))
        {
            //put all the authors selected in an array
            $fulexp = implode(",", $x);

            //loop on each author and insert the message in the database
            foreach ($x as $item)
            {
                $var = intval($item);
                mysql_select_db('mydb', $con);
                mysql_query("INSERT INTO messages (message, subject) VALUES ('$message','$subject')");
                $message_id = mysql_query("SELECT * FROM messages WHERE message='$message'");
                While ($row = mysql_fetch_assoc($message_id))
                {
                    $mesid = $row['message_id'];
                }
                $re = mysql_query("INSERT INTO member_message_member (member_id1, member_id2,conference_id, message_id)
                                VALUES ($member_id, $var, $conf, $mesid)");
            }
            //notify the user that the message is sent
            echo '<script>',
            'alert("message(s) sent to author(s)!"); window.location="viewmessages.php";',
            '</script>';
        }
    }
}

//send the message to all the reviewers selected
function sendMessageToReviewers($message, $subject)
{
    $member_id= $_SESSION['member_id'];
    $conf = $_GET['conference'];
    $con=mysql_connect('localhost','root','');

    //check if there were any authors selected
    if (isset($_POST['reviewers']))
    {
        $y = $_POST['reviewers'];

        if (isset($y) && is_array($y))
        {
            //put all the reviewers selected in an array
            $fulexp = implode(",", $y);
            //loop on each author and insert the message in the database
            foreach ($y as $item)
             {
                $var = intval($item);
                mysql_select_db('mydb', $con);
                mysql_query("INSERT INTO messages (message, subject) VALUES ('$message', '$subject')");
                $message_id = mysql_query("SELECT * FROM messages WHERE message='$message'");

                While ($row = mysql_fetch_assoc($message_id))
                {
                    $mesid = $row['message_id'];
                }
                $re = mysql_query("INSERT INTO member_message_member (member_id1, member_id2,conference_id, message_id)
                                    VALUES ($member_id, $var, $conf,  $mesid)");
            }
            //notify the user that the message is sent
            echo '<script>',
            'alert("message(s) sent to reviewer(s)!"); window.location="viewmessages.php";',
            '</script>';
        }
    }


}
mysql_close($con);
?>